oAuth 2 token does it get refreshed in every request?

Describe the problem/error/question

I would like to know if using the Oauth 2 authentication in the HTTP node means every time that webhook is requested and the HTTP node is executed it will get a fresh new token, or it uses the same token for other same workflow executions.

Scenario 1:
I have an HTTP node that triggers another scenario webhook 100 times.

Scenario 2:
The webhook gets triggered 100 times, and step 2 is an HTTP node with Oauth 2 authentication.

Does that the HTTP node that has the OAUTH 2 authentication, requested the token 100 times, or it was made 1 time in the first execution and in the expiration gap of the token (30 minutes) all the next 99 requests were made using the same token from execution 1?

I’m asking this because I feel like every call its requesting a new token, adding an extra 3–5 seconds to each run.

And having that information I could make an HTTP request before to get the token and then request 100 times the webhook passing the token and using it directly from the input data in all the 100 runs.

currently oAuth2 tokens are refreshed only if usage of the previous token returns 401.

If you are seeing a refresh call happen for every request, it’s either that the service that you are calling is invalidating the token after first use (not very likely), or (more likely) that after a token refresh the updated data is getting saved into the DB saved after the other requests are already processing.
I’m guessing it’s the second thing, and to fix it we’d need some kind of locking mechanism to make concurrent oauth2 refresh calls fire only a single actual request.

btw, can you please fill out the issue template with the relevant info? it helps narrow down issues :pray:

Sure. This is my current setup:

Information on your n8n setup

  • n8n version: 1.16.0
  • Database (default: SQLite): Postgresql
  • n8n EXECUTIONS_PROCESS setting (default: own, main): queue
  • Running n8n via (Docker, npm, n8n cloud, desktop app): docker image + railway

I’m not fully understanding that part. So you say the token is being saved in the DB and while that happens, other executions that “check” the db to see if there’s a token and because the token is not fully saved yet, they start to “generate” a new one?

100% no to this. I use the same API request in other platforms getting the token from the database and the token is updated every 25 minutes… +2000 requests being made with the same token from DB with no issues in the before getting a new one.

Yeah, that’s my leading theory right now. It’s kind of a race condition. I’ll try debugging this tomorrow morning and I find a quick solution, I’ll let you know.